package com.wlz.authorization.controller;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.security.DenyAll;
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;

@RestController
@RequestMapping("/admin/jsr")
public class AdminJSR250Controller {

//    @PermitAll
    @RolesAllowed({"ROLE_admin","ROLE_user"})
//    @DenyAll
    @GetMapping("/demo")
    public String demo() {
        return "spring security demo";
    }

}